Closed vipinjn24 closed 3 months ago
Error: /docker-entrypoint.sh: line 21: can't create /etc/pdns/recursor.conf: Permission denied
Only when using versions like the below. pschiffe/pdns-recursor:4.9-alpine pschiffe/pdns-recursor:4.7-alpine
This works fine with same config. pschiffe/pdns-recursor:alpine
Can you show me the config how are you creating the container?
Here it is:
apiVersion: apps/v1
kind: Deployment
metadata:
name: powerdns-recursor
spec:
selector:
matchLabels:
app: powerdns-recursor
template:
metadata:
labels:
app: powerdns-recursor
spec:
securityContext:
runAsUser: 100
runAsGroup: 101
fsGroup: 101
fsGroupChangePolicy: OnRootMismatch
containers:
- image: pschiffe/pdns-recursor:alpine
name: powerdns-recursor-master
ports:
- name: udp
protocol: UDP
containerPort: 3053
- name: tcp
protocol: TCP
containerPort: 3053
- name: api
protocol: TCP
containerPort: 8082
env:
- name: PDNS_local_port
value: '3053'
- name: PDNS_webserver
value: 'yes'
- name: PDNS_webserver_address
value: '0.0.0.0'
- name: PDNS_webserver_password
valueFrom:
secretKeyRef:
name: powerdns-recursor-secret
key: wspass
- name: PDNS_api_key
valueFrom:
secretKeyRef:
name: powerdns-recursor-secret
key: apikey
readinessProbe:
exec:
command:
- rec_control
- ping
initialDelaySeconds: 5
periodSeconds: 5
timeoutSeconds: 2
livenessProbe:
exec:
command:
- rec_control
- ping
initialDelaySeconds: 20
periodSeconds: 5
timeoutSeconds: 2
this one works fine but when i add the specific version then the problem comes up
I've updated the base images and created new tags. Support for running as non-root was added recently and wasn't tagged before.
Now, these images should work for you:
pschiffe/pdns-recursor:latest
pschiffe/pdns-recursor:alpine
pschiffe/pdns-recursor:5.0
pschiffe/pdns-recursor:5.0-alpine
Can you try?
this works fine, thanks.
a qq is this done for pdns also?
yep
Recursor 4.9 with pod security context failes to write the config file.
Says permission denied.